[Snort-users] snort and ./snarf, install, mild confusion

curt curtpdx at ...834...
Fri Nov 24 23:09:32 EST 2000


Hi all,

1) My Snort install doesn't seem to be running.  I installed from the 
linuxnewbie.org article, and all seemed OK, or at least there were no 
explicit errors.

However, when I (as suggested in the article)

bash-2.04# ps -ax | grep snort

the response is:

10087 pts/0    S      0:00 grep snort
bash-2.04#

neither top nor ps show snort running.  Methinks it ain't.  Could 
someone kindly clarify?


2) hope this isn't OT, but

Regarding snortsnarf, I installed from the same linuxnewbie article.

after extract, I

bash-2.04# cd SnortSnarf-102700.1
bash-2.04# cd include
bash-2.04# cp ./* /usr/lib/perl5/site_perl/5.005/
bash-2.04# cd /tmp/SnortSnarf-102700.1/cgi
bash-2.04# cp ./* /usr/local/httpd/cgi-bin/
bash-2.04# cd /tmp/SnortSnarf-102700.1
bash-2.04# mkdir /snarf
bash-2.04# cd /tmp/SnortSnarf-102700.1
bash-2.04# cp snortsnarf.pl /snarf
bash-2.04# cd  /snarf
bash-2.04# ./snortsnarf.pl -rulesdir /etc/snort \
-rulesfile /etc/snort/snort-lib
-d /usr/local/httpd/htdocs/snort \
/var/log/snort/snort.alert \
/var/log/snort/portscan.log

the response to this last command is:

Couldn't open  input file /var/log/snort/snort.alert

bash-2.04#

this is a proper response, as there is no file  /var/log/snort/snort.alert

What am I missing here?  (god, I hope it's not a typo...)

big tia,

curt

sysinfo:

Linux 2.2.16
SuSE 7.0
snort 1.3.6




More information about the Snort-users mailing list